Note: This page is still a work in progress, check back in a few days for more updates.
I, like many internet users, am overloaded in SPAM. The number of spam coming in per day had made my e-mail nearly useless. My Inbox had grown to nearly 5000 messages, 95% or higher was spam. Large amounts of bandwidth was being was downloading this junk e-mail, not to mention all the time to sort through the e-mail. I was not the only user, several employee's at the company were having these problems. Since I have apparently been elected the unofficial sysadmin, I decided to do my best to restore order to the mail system and peace to it's users.
There are two main parts to solving the SPAM problem that I see. First is to filter incoming mail and reject e-mail forgeries. Along with this filter out viruses and other e-mail that appears to be unwanted SPAM like Viagra ads. The second part, which should really be first, is to prevent e-mail harvesting which leads to spam.
The first problem was to do the best to sort out spam coming in.
This is by far the most obvious and most common solution, but yet it is probably the worst solution there is. There are many filters available that will filter spam out of your incoming mail, some of them integrate with a mail server, while others are directly part of the mail client. There are at least two types of filters available, learning filters and rule-based filters.
One of the ways which e-mails are harvested for spammers is through web crawlers that search for e-mail addresses on webpages. They search the web endlessly for more e-mail addresses to spam and if you have your e-mail address visible on your site, they can find it. The primary way they identify an e-mail address is through the use of the @ sign. To keep the address from being obvious, some web developers have written e-mail addresses using text which is not an email address, but can be understood by a human, say, writing it like webmaster AT north-winds DOT org. This works and is pretty future proof, at least for a while, but it's inconvenient for the surfer and requires them to type in the correct address.